$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa File: 349778ec-dd5c-4e52-8440-4155573588c4.roa (raw, json) Hash identifier: PbKU5eCg13G74MdyZbiuk0YG7Tg2y4tVKhlQMN5OTiw= Subject key identifier: A1:3F:6F:B3:95:CA:A3:CC:E1:82:16:A8:64:58:09:7C:81:B1:DF:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27A497070D70604ABCD52D8A39A7B9B59EA97AB7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa Signing time: Tue 29 Jul 2025 00:10:52 +0000 ROA not before: Tue 29 Jul 2025 00:10:52 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:a4:97:07:0d:70:60:4a:bc:d5:2d:8a:39:a7:b9:b5:9e:a9:7a:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:10:52 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=bf15493ea1916874f7e11a0141d2acd82afb225bae7a0490abc9bd2569c1239f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:bd:e0:bf:35:89:0c:ad:d0:8c:fc:7c:22:09: b1:0d:d4:ef:8d:43:d8:8a:7f:b3:3b:81:3f:24:0f: 13:c8:60:47:2c:8c:44:ce:82:7b:da:bc:3f:50:dc: 16:df:3d:53:96:76:0a:7e:eb:c5:8b:d9:57:d0:b4: ed:f3:a9:a4:f8:18:be:cb:fb:7c:fc:f3:92:d9:05: 0f:d3:3e:89:50:09:b6:bf:5d:68:9f:c2:b6:c5:1a: e4:f3:de:f1:b3:ce:78:eb:5f:28:f0:9f:bc:04:70: a6:cb:e8:2c:2d:a4:cd:2e:93:6d:1e:48:a5:9c:f3: 4e:42:20:f4:d1:db:2a:85:c3:e4:be:c6:27:05:37: 24:de:1b:aa:ca:d2:b6:a4:2a:5d:ad:12:61:93:33: 75:29:de:ff:2b:17:d4:86:de:22:35:bd:e3:3e:51: 26:23:57:e7:83:3b:e4:c7:52:ca:4e:8f:4b:66:e1: 03:16:84:54:f0:d2:81:f4:90:9b:2f:e7:f9:c8:01: 62:48:97:30:90:1d:f5:32:12:ab:f7:24:bd:95:e6: ae:66:30:7a:fb:31:fb:0e:4c:7f:4e:b7:ee:c3:ca: f1:3c:e8:06:94:d0:6c:a6:f3:ec:8d:cd:49:aa:71: 81:ff:a8:d6:ff:47:94:28:64:94:70:76:86:21:1f: 0c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:3F:6F:B3:95:CA:A3:CC:E1:82:16:A8:64:58:09:7C:81:B1:DF:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 78:a4:22:49:77:a3:2c:9b:84:f9:09:7d:cb:9b:98:5a:1a:8a: 2f:1b:6e:36:38:3d:1f:80:d7:38:71:b5:d4:ec:76:b7:0e:6b: 0f:60:16:37:2d:22:f3:14:6a:e5:b4:0f:bf:fa:07:bb:8b:af: be:b5:5d:3d:ff:0d:f2:ad:ca:8c:b2:cf:8c:d5:72:88:88:48: 9c:da:07:2b:4d:93:59:66:78:bd:86:bb:0f:a7:33:f2:bb:85: 8e:fd:aa:24:00:68:04:7b:11:ee:18:ee:54:35:16:ab:33:25: e0:dc:57:16:f9:04:7f:2b:af:2e:f6:37:2f:3d:bb:71:75:60: 07:ed:20:eb:36:d9:f5:4f:04:a3:fc:9d:17:07:c2:62:59:cb: ed:fb:d1:c4:5a:d3:b6:a9:c4:e3:94:f1:6d:05:71:e4:1e:19: c6:1f:45:ac:98:2d:a9:d3:c1:e8:da:0d:a4:a2:30:b6:bd:a8: 09:9f:d5:61:2a:c2:83:d5:84:b1:83:2a:f8:68:6f:a3:b6:fc: 60:d4:e5:57:d0:01:50:7d:d7:04:54:04:4c:a6:c1:12:35:e5: dc:66:da:62:2b:09:4f:77:d6:66:50:7f:a0:74:66:41:73:19: 06:bc:d0:2e:65:9f:1a:39:29:c4:85:b5:81:84:ad:cf:cb:82: 3a:56:62:8a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJ6SXBw1wYEq81S2KOae5tZ6percwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMTA1MloX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAYmYxNTQ5M2VhMTkxNjg3NGY3ZTEx YTAxNDFkMmFjZDgyYWZiMjI1YmFlN2EwNDkwYWJjOWJkMjU2OWMxMjM5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b3gvzWJDK3QjPx8IgmxDdTvjUPY in+zO4E/JA8TyGBHLIxEzoJ72rw/UNwW3z1TlnYKfuvFi9lX0LTt86mk+Bi+y/t8 /POS2QUP0z6JUAm2v11on8K2xRrk897xs854618o8J+8BHCmy+gsLaTNLpNtHkil nPNOQiD00dsqhcPkvsYnBTck3huqytK2pCpdrRJhkzN1Kd7/KxfUht4iNb3jPlEm I1fngzvkx1LKTo9LZuEDFoRU8NKB9JCbL+f5yAFiSJcwkB31MhKr9yS9leauZjB6 +zH7Dkx/Trfuw8rxPOgGlNBspvPsjc1JqnGB/6jW/0eUKGSUcHaGIR8MQwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKE/b7OVyqPM4YIWqGRYCXyBsd/6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM0OTc3OGVjLWRkNWMtNGU1Mi04NDQwLTQxNTU1NzM1ODhjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/+DAMA0GCSqGSIb3DQEBCwUAA4IBAQB4pCJJd6Msm4T5CX3L m5haGoovG242OD0fgNc4cbXU7Ha3DmsPYBY3LSLzFGrltA+/+ge7i6++tV09/w3y rcqMss+M1XKIiEic2gcrTZNZZni9hrsPpzPyu4WO/aokAGgEexHuGO5UNRarMyXg 3FcW+QR/K68u9jcvPbtxdWAH7SDrNtn1TwSj/J0XB8JiWcvt+9HEWtO2qcTjlPFt BXHkHhnGH0WsmC2p08Ho2g2kojC2vagJn9VhKsKD1YSxgyr4aG+jtvxg1OVX0AFQ fdcEVARMpsESNeXcZtpiKwlPd9ZmUH+gdGZBcxkGvNAuZZ8aOSnEhbWBhK3Py4I6 VmKK -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:47 2025 by rpki-client